OpenID Connect is a core component of an identity management suite. An identity layer used on top of OAuth, OpenID Connect is a modern federation specification.

Related articles

What is The Role of Identity in API Security?

What options do APIs and microservices have when it comes to authentication and authorization? What is the role of identity in API security? In our last LiveCast, we sought to discover best practices for handling identity within API security. We featured two illuminating lightning talks; one from David Garney of Tyk and another from Travis Spencer of…

Read More

Assisted Token Flow: The Answer to OAuth Integration in Single Page Applications

OAuth is an incredibly popular internet standard for granting apps and web services access to the information available on other websites. Though the implementation is complex, the premise is simple: you tell a website you want to access its data, you log in with the user’s details, and off you go — but without some…

Read More

High-Grade API Security For Banks

Financial institutions occupy a special zone for APIs largely because of how stringent the regulatory compliance rulesets are. The data that financial institutions leverage are protected wiy by a variety of regulatory ordinances, and as such, this data has to be stringently controlled, secured, and managed – hence why high-grade API security is such a…

Read More

Securing the IoT for Decades to Come

In 2007 Kevin Kelly gave a TED talk in which he forecasted how the World Wide Web would lo 5000 days into the future, prophesizing the emergence of the IoT and AI. He envisioned a connected planet where all manufactured goods tap into a single, global, intelligent network. At the time, the Internet of…

Read More

API Keys ≠ Security: Why API Keys Are Not Enough

Despite the alluring simplicity and ease of utilizing API Keys, the shifting of security responsibility, lack of granular control, and misunderstanding of purpose and use amongst most developers makes solely relying on API Keys a poor decision. More than just protecting API keys, we need to program robust identity control and access management features to safeguard the entire API platform….

SCIM: Building the Identity Layer for the Internet

In 2014, a working group reached consensus for v2.0 of SCIM — a simple yet powerful standard that and large digital organizations are beginning to adopt for cross-domain identity management. Just last month, the Internet to a leap forward in standardizing SCIM specifications, now officially published by the Internet Engineering Task Force as…

Read More